English
Related papers

Related papers: VulDeeLocator: A Deep Learning-based Fine-grained …

200 papers

Open-source software vulnerability patch detection is a critical component for maintaining software security and ensuring software supply chain integrity. Traditional manual detection methods face significant scalability challenges when…

Software Engineering · Computer Science 2025-09-30 Haoran Xu , Chen Zhi , Junxiao Han , Xinkui Zhao , Jianwei Yin , Shuiguang Deng

Software supply chain vulnerabilities arise when attackers exploit weaknesses by injecting vulnerable code into widely used packages or libraries within software repositories. While most existing approaches focus on identifying vulnerable…

Cryptography and Security · Computer Science 2025-06-25 Sajal Halder , Muhammad Ejaz Ahmed , Seyit Camtepe

Though many deep learning-based models have made great progress in vulnerability detection, we have no good understanding of these models, which limits the further advancement of model capability, understanding of the mechanism of model…

Software Engineering · Computer Science 2024-08-15 Chao Ni , Liyu Shen , Xiaodan Xu , Xin Yin , Shaohua Wang

1-day vulnerabilities in binaries have become a major threat to software security. Patch presence test is one of the effective ways to detect the vulnerability. However, existing patch presence test works do not perform well in practical…

Cryptography and Security · Computer Science 2025-01-30 Chaopeng Dong , Jingdong Guo , Shouguo Yang , Yang Xiao , Yi Li , Hong Li , Zhi Li , Limin Sun

Vulnerability prediction is valuable in identifying security issues efficiently, even though it requires the source code of the target software system, which is a restrictive hypothesis. This paper presents an experimental study to predict…

Cryptography and Security · Computer Science 2025-04-01 D. Cotroneo , F. C. Grasso , R. Natella , V. Orbinato

Bug datasets are vital for enabling deep learning techniques to address software maintenance tasks related to bugs. However, existing bug datasets suffer from precise and scale limitations: they are either small-scale but precise with…

Software Engineering · Computer Science 2024-03-12 He Ye , Zimin Chen , Claire Le Goues

Large language models are widely used for code generation, yet they rely on an implicit assumption that the task descriptions are sufficiently detailed and well-formed. However, in practice, users may provide defective descriptions, which…

Software Engineering · Computer Science 2026-04-28 Amal Akli , Mike Papadakis , Maxime Cordy , Yves Le Traon

Software security is crucial in any field where breaches can exploit sensitive data, and lead to financial losses. As a result, vulnerability detection becomes an essential part of the software development process. One of the key steps in…

Software Engineering · Computer Science 2024-12-03 Md. Fahim Sultan , Tasmin Karim , Md. Shazzad Hossain Shaon , Mohammad Wardat , Mst Shapna Akter

Most visual retrieval applications store feature vectors for downstream matching tasks. These vectors, from where user information can be spied out, will cause privacy leakage if not carefully protected. To mitigate privacy risks, current…

Computer Vision and Pattern Recognition · Computer Science 2022-08-02 Qiang Meng , Feng Zhou

Open-source software (OSS) vulnerabilities are increasingly prevalent, emphasizing the importance of security patches. However, in widely used security platforms like NVD, a substantial number of CVE records still lack trace links to…

Software Engineering · Computer Science 2024-07-25 Kaixuan Li , Jian Zhang , Sen Chen , Han Liu , Yang Liu , Yixiang Chen

In this paper, we present the first comprehensive empirical study of specialized LLM-based detectors and compare them with traditional static analyzers at the project scale. Specifically, our study evaluates five latest and representative…

Software Engineering · Computer Science 2026-01-28 Fengjie Li , Jiajun Jiang , Dongchi Chen , Yingfei Xiong

The significant advancements in Large Language Models (LLMs) have resulted in their widespread adoption across various tasks within Software Engineering (SE), including vulnerability detection and repair. Numerous studies have investigated…

Software Engineering · Computer Science 2024-10-08 Xin Zhou , Sicong Cao , Xiaobing Sun , David Lo

Traditional security protection methods struggle to address sophisticated attack vectors in large-scale distributed systems, particularly when balancing detection accuracy with data privacy concerns. This paper presents a novel distributed…

Cryptography and Security · Computer Science 2025-02-26 Yuqing Wang , Xiao Yang

Context: Software vulnerabilities pose significant security threats to software systems, especially as software is increasingly used across many areas of daily life, including health, government, and finance. Recently, transformer-based…

Software Engineering · Computer Science 2026-04-29 Fiza Naseer , Javed Ali Khan , Muhammad Yaqoob , Alexios Mylonas , Ishaya Gambo

The number of newly published vulnerabilities is constantly increasing. Until now, the information available when a new vulnerability is published is manually assessed by experts using a Common Vulnerability Scoring System (CVSS) vector and…

Cryptography and Security · Computer Science 2022-10-06 Philipp Kuehn , David N. Relke , Christian Reuter

The growing complexity of cyber threats and the limitations of traditional vulnerability detection tools necessitate novel approaches for securing software systems. We introduce MalCodeAI, a language-agnostic, multi-stage AI pipeline for…

Cryptography and Security · Computer Science 2025-09-22 Jugal Gajjar , Kamalasankari Subramaniakuppusamy , Noha El Kachach

Vulnerability databases are vital sources of information on emergent software security concerns. Security professionals, from system administrators to developers to researchers, heavily depend on these databases to track vulnerabilities and…

Cryptography and Security · Computer Science 2020-06-29 Afsah Anwar , Ahmed Abusnaina , Songqing Chen , Frank Li , David Mohaisen

It is increasingly suggested to identify Software Vulnerabilities (SVs) in code commits to give early warnings about potential security risks. However, there is a lack of effort to assess vulnerability-contributing commits right after they…

Software Engineering · Computer Science 2021-08-19 Triet H. M. Le , David Hin , Roland Croft , M. Ali Babar

Software vulnerabilities (SVs) have emerged as a prevalent and critical concern for safety-critical security systems. This has spurred significant advancements in utilizing AI-based methods, including machine learning and deep learning, for…

Software Engineering · Computer Science 2025-10-07 Van Nguyen , Surya Nepal , Tingmin Wu , Xingliang Yuan , Carsten Rudolph

Software Composition Analysis (SCA) has become pivotal in addressing vulnerabilities inherent in software project dependencies. In particular, reachability analysis is increasingly used in Open-Source Software (OSS) projects to identify…

Software Engineering · Computer Science 2025-06-25 Lyuye Zhang , Jian Zhang , Kaixuan Li , Chong Wang , Chengwei Liu , Jiahui Wu , Sen Chen , Yaowen Zheng , Yang Liu